Security challenges & opportunities for manufacturing
13 January 2021
Technologies are coming together to drive the next wave of improvements in manufacturing efficiency and capability. One key element is the shift toward using the resources available in the cloud to provide advanced processing at low cost. Cliff Ortmeyer looks at the issues.
The cloud is a valuable resource able to support more advanced planning and operational systems than those available to users who rely on programmable logic controllers (PLCs) and shop floor industrial computers to manage production. The techniques available range from big data analytics, which spots trends that can be leveraged through changes to low-level controller code, through to artificial intelligence.
Martin Walder, Vice President of Industry at Schneider Electric, comments: “In the manufacturing world, we’re in the very early phases of the use of AI (Artificial Intelligence). If you look in some sectors, car insurance for example, there is a huge amount of AI running in the cloud and looking at data from multiple vendors’ histories. In the manufacturing world, we’re still in the early days.” Although Industry 4.0 and the Industrial Internet of Things (IIoT) can provide the manufacturers who embrace them at this early stage with a major competitive advantage, adoption comes with risks. Security is a major issue. As more data is passed from the technology to the cloud, there is the justifiable concern that it might be intercepted in flight or by hackers targeting systems.
Thomas Dale, Engineering Manager at Omega, says discussions with customers lead to a number of questions about the problems of insecure systems. “Why would somebody take that data? Is it to gain a competitive edge? Is it to steal intellectual property? Is it to inject false data into the system? Is it merely a method to get into your system so that they can do other nefarious stuff in your financial system? We spend a lot of time talking about security. It’s a key issue,” he says.
When the data was inside the factory, air gaps and the relative inaccessibility of data that might be held on PLCs and industrial computers made security less of a concern. However, this changed when discussions turned to making use of the cloud. “What holds some people and companies back is fear about cybersecurity and how they can be sure they have a secure interface when they are using the cloud. Many companies have concerns about any data in the cloud being accessed outside of the company,” says Steve Sands, Product Management and Marketing Manager at Festo. Jeff Barnes, Distribution Corporate Account Manager for Molex in Europe, agrees: “If you increase connectivity, you increase vulnerabilities and the potential for cyberattacks.”
Those working in manufacturing are far from alone. A PwC study in 2017 revealed that around 62 percent of global CEOs fear that cyber threats will impact their company’s growth prospects. For a network to be truly secure, it must be secure all the way through from the floor to the cloud. Walder agrees, noting that Schneider helps its customers secure their base systems before trying to link them to internet-based computing resources.
Much of the conventional focus on security is at the edge of the network, with suppliers such as Festo offering IIoT gateways with security features. The firewalls provided by such gateways analyse incoming and outgoing packets to ensure they comply with usage rules. Packets that show suspicious activity are blocked. However, it is important that industrial systems offer defence in depth, as the use of wireless technologies within the factory and the use of cloud computing resources increase the overall attack surface. A firewall around the physical factory is useful but it cannot provide a fully secure solution. Security must be designed into the automation systems.
“Molex’s industrial automation solutions seek to address security at every level from the earliest phase of design. This includes having a dedicated security team and support system to address individual products and customer use-cases. In addition, we are continuously following leading security standards, including IEC 62443,” says Barnes.
The introduction of cloud computing introduces several dynamics to the world of manufacturing. Although companies are justifiably concerned about the potential for data being intercepted, the cloud providers have been quick to create solutions that enhance security rather than compromise it. Industrial suppliers are now engaging with them. Sara Ghaemi, Key Account Management-Team Leader for Automotive and Industrial Systems in Europe at Panasonic, says that in addition to integrating security into its own products in cooperation with supply-chain partners, “we also use partnerships with other big companies to help our customers with data analytics, cloud solutions and cyber security”.
A key example of the benefits of cloud-device integration can be seen in Microsoft’s Azure Sphere, a comprehensive IoT security solution that takes account of the many lessons the company has learned with the combination of its own systems, such as the Xbox, with the cloud. Azure Sphere is built around a complete supply chain for embedded processors. Each device built to use the service has a hardware root-of-trust that is loaded on the product with security credentials that identify it to cloud-based systems. As soon as the device is connected, it can authenticate itself to the cloud as well as checking the authenticity of the servers themselves using standard highly secure protocols. This means there is never a need to send unencrypted data from any device into the cloud. As it is integrated into the Azure Sphere infrastructure, the system takes care of firmware updates to ensure there are no known vulnerabilities that can be exploited by hackers.
Azure Sphere provides an easy way to obtain security for custom computing and sensor devices. However, like Panasonic, many of the leading vendors in the space are working with the cloud providers to support end-to-end security. According to Sands, Festo also uses Azure Sphere to support cloud-device integration, commenting: “We can offer easy ways to get ‘things data’ into predefined dashboards for visualisation in a secure cloud space, such as Microsoft Azure, and make it very easy to do.”
Walder believes there is a further connection that needs to be made. “When I look at most of our customers, they have grown up with ‘IT’ people working on office IT systems and ‘controls’ people working on operational plant systems. The IT people typically don’t have much experience with the manufacturing environment and the controls people have limited knowledge of the IT systems, particularly security. In the future, the companies that are going to thrive in the business are those that actually let the operational parts of the business start driving the IT agenda more, enabling IT people and OT (operational technology) people to really collaborate together. They will need to have a combined strategy, because the strategy has to be combined right now if you’re going to move forward with Industry 4.0 technology.”
Driving force change
Though it is a challenge, the impetus to improve security can become a driving force for the kind of change that is needed to make Industry 4.0 a success. Increasingly, vendors of what were originally point products designed to secure a particular node are working together to support an end-to-end approach with full interoperability. There is a need for more training, education and support to fill the IT skills gap in operations professionals, but this has already begun to be provided by both employers and suppliers. As security concerns are addressed, industry will have more confidence in deploying IIoT technologies, enabling it to reap the many benefits of this technology.
“By integrating distributed control architectures with embedded security, factories will be able to move safety and intelligence closer to the point of need to enable dynamic real-time processing. A higher level of intelligence per device eliminates the need for costly central controllers by distributing logic among devices,” says Barnes. The result will be industrial systems that provide not just real-time control but real-time insight that can drive competitive advantage in the future.
Cliff Ortmeyer is global head of technical marketing at Farnell.
- Industry 4.0 and IIoT can provide manufacturers with a major competitive advantage, but adoption is not without risks
- Many companies have concerns about data in the cloud being accessed from outside of the company
- Cloud providers have been quick to create solutions that enhance security rather than compromise it